On this page

VPN or Virtual Private Network is a secure private network over a public network like the internet. A VPN is a secure tunnel trough the internet which protects your data traffic and increases internet privacy and security. Access to the VPN is restricted by secure authentication methods.

OpenVPN is an open source software to build virtual private networks, it uses the OpenSSL library to encrypt the tunneled data and supports UDP or TCP transports. OpenVPN can use pre-shared keys, certificate based and username/password based authentication mechanisms.

In this tutorial, I will show you how to implement a virtual private network using OpenVPNvpn under the Linux operating system OpenSUSE Leap 42.1.

Prerequisites

OpenSUSE Leap 42.1 - 64bit

Root privileges

TUN/TAP enabled

Step 1 - Checking if TUN/TAP is enabled

If you want to create a VPN on your server, make sure TUN/TAP is installed and enabled. You can check that with the command below:

cat /dev/net/tun

The result should be:

cat: /dev/net/tun: File descriptor in bad state

Step 2 - Install OpenVPN

OpenVPN is available in the OpenSUSE repository. You can install it using the zypper command:

zypper in openvpn

Step 3 - Easy-RSA Setup

Next, download easy-rsa to generate a certificate file. The easy-rsa is a utility to manage certificates, you can create the root certificate authority with it and request and sign certificates.

Go to the OpenVPN directory and download easy-rsa with the wget command:

Step 5 - Configure SuSEfirewall2

SuSEfirewall2 is a script for generating iptables rules based on the file "/etc/sysconfig/SuSEfirewall2". We will install SuSEfirewall2 and then configure the port to access OpenVPN, then we will enable NAT with an iptables script for OpenVPN.

Install SuSEfirewall2 with the zypper command:

zypper in SuSEfirewall2

Now, go to the sysconfig directory, and edit the SuSEfirewall2 configuration file: